package com.crishne.anwo.controller;


import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.crishne.anwo.service.LogService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;

import com.alibaba.fastjson.JSONObject;
import com.crishne.anwo.constant.JsonStringConstant;
import com.crishne.anwo.model.User;
import com.crishne.anwo.model.Menu;
import com.crishne.anwo.service.MenuService;
import com.crishne.anwo.service.UserService;
import com.crishne.anwo.utill.AclSecurityUtil;
import com.crishne.anwo.utill.CommonUtill;
import com.crishne.anwo.utill.CookieTool;
import com.crishne.anwo.utill.WebUtil;


@Controller 
@RequestMapping("/")
public class LoginController {
	
	@Autowired
	private UserService userService;
	
	@Autowired
	private MenuService menuService;

	@Autowired
	private LogService logService;
	
	private CommonUtill commonUtill = new CommonUtill();

	//返回jsp视图
	@RequestMapping(value = "login")
	public String login(Model model){
		model.addAttribute("name","jsp页面展示");
		return "login";
	}
	
	@RequestMapping("loginSubmit")
	public String loginSubmit(HttpServletResponse response,HttpServletRequest request,Model model) throws Exception
	{
		String msg = "登录失败，";
		String userName = request.getParameter("userName");  
		String password = request.getParameter("password");

		User tUser = userService.getUserByName(userName);
		if(null == tUser){
			msg = "不存在该用户名！";
			model.addAttribute("message", WebUtil.encodeURL(msg));
	        
	        CookieTool.addCookie(response,"loginName",null,0);  //清除Cookie
	        CookieTool.addCookie(response,"loginPwd",null,0);    //清除Cookie
	        
	        return "login";
		}
		else{
			AclSecurityUtil asu = AclSecurityUtil.getInstance(AclSecurityUtil.ALGORITHM_SHA1);
			if(!asu.encodePassword(password).equals(tUser.getStUserPwd())){
				msg = "密码不正确！";
				model.addAttribute("message", WebUtil.encodeURL(msg));
		        
		        CookieTool.addCookie(response,"loginName",null,0);  //清除Cookie
		        CookieTool.addCookie(response,"loginPwd",null,0);    //清除Cookie

				return "login";
			}
			else{
				msg = "登录成功";
		    	HttpSession session = request.getSession();
		    	session.setAttribute("userid", tUser.getStUserId());
		    	session.setAttribute("username", tUser.getStUserName());
		    	session.setAttribute(tUser.getStUserId(), tUser);
		    	
		    	//用户权限功能放入session
		    	List<Menu> menuList = null;
				if("0".equals(tUser.getStStatus())){
					menuList = menuService.getAllMenus();
				}
				else{
					menuList = menuService.getMenusByUserId(tUser.getStUserId());
				}
		    	session.setAttribute("userMenu", menuList);
		    	
		    	String remenberme = request.getParameter("remenberme");
		    	int  loginMaxAge = 30*24*60*60;   //定义账户密码的生命周期，这里是一个月。单位为秒
		    	if ( "on".equals(remenberme) ) {
		    	      CookieTool.addCookie(response , "loginName" , userName , loginMaxAge); 
		    	      CookieTool.addCookie(response , "loginPwd" , password , loginMaxAge);        
		    	}
		    	else{
		    		CookieTool.addCookie(response,"loginName",null,0);  //清除Cookie
			        CookieTool.addCookie(response,"loginPwd",null,0);    //清除Cookie
		    	}
		    	//记录登录日志
				logService.logFao(request,"登录",userName+"-登录");

				return "redirect:/index.htm";
			}
		}

	}

	//返回jsp视图
	@RequestMapping(value = "index")
	public String index(){
		return "/admin/index";
	}

	/**  
	* 函数功能说明 :用户登出
	* Administrator修改者名字
	* 2013-5-9修改日期
	* 修改内容
	* @Title: logout 
	* @Description:
	* @param @return
	* @param @throws Exception    设定文件 
	* @return String    返回类型 
	* @throws 
	*/
	@RequestMapping("logout")
	public String  logout(HttpServletResponse response,HttpServletRequest request)
	{
		HttpSession session = request.getSession();
		String strUserId= (String)session.getAttribute("userid");
		String stUserName = (String)session.getAttribute("username");

		//记录登录日志
		logService.logFao(request,"登出",stUserName+"-登出");

		session.removeAttribute(strUserId);
		session.removeAttribute("userid");
		session.removeAttribute("username");
		session.removeAttribute("userMenu");

		return "login";
	}
	
	@RequestMapping("resetPwd")
	public void resetPwd(HttpServletResponse response,HttpServletRequest request) throws Exception
	{	
		String msg = "修改失败，";  
		String stPwd = request.getParameter("stPwd");  
		String stNewPwd = request.getParameter("stNewPwd");
		
		HttpSession session = request.getSession();
		String userid = (String)session.getAttribute("userid");
		User tUser = (User)session.getAttribute(userid);
		AclSecurityUtil asu = AclSecurityUtil.getInstance(AclSecurityUtil.ALGORITHM_SHA1);
		if(!asu.encodePassword(stPwd).equals(tUser.getStUserPwd())){
			msg = "原密码不正确！"; 
		}
		else{
			tUser.setStUserPwd(asu.encodePassword(stNewPwd));
			userService.updateUser(tUser);
			session.removeAttribute(userid);
			session.setAttribute(userid, tUser);
			msg = "修改成功！";
		}
		JSONObject jsonString = JsonStringConstant.getNoDataSuccessMessage(msg);

		commonUtill.OutputJson(jsonString, response, request);
	}


}
